Category Archives: Regulatory Risk

Для тех, кто интересуется безопасным доступом к онлайн-играм, наш партнер предлагает зеркало Вавады, которое позволяет обходить любые блокировки и сохранять доступ ко всем функциям казино.

New Rail Tank Car Usage Promises Safer Crude Oil Transport

Posted on by

Added capacity of pipelines used to transport crude oil and declining prices are contributing to decreasing transport of crude oil—and an almost 97% drop in the use of older, less safe transport cars between 2014 and the end of March, Gannett reported this week.

Rail tank car shipments of crude oil from the Bakken oil fields in North Dakota have declined from a peak of 498,271 in 2014 to 424,996 in 2015, according to the Association of American Railroads. An AAR official made the announcement at a rail tanker car safety forum sponsored by the National Transportation Safety Board, according to Gannett.

buy rogaine online meadowcrestdental.com/wp-content/uploads/2023/10/jpg/rogaine.html no prescription pharmacy

In the December 2013 report “Moving Crude Oil by Rail,” the AAR noted that the rail industry has been urging federal regulators “to toughen existing standards for new tank cars” and recommended that the estimated 92,000 existing tank cars used to transport flammable liquids, including crude oil, be retrofitted with advanced safety-enhancing technologies, or phased out if they cannot be upgraded.

While there are obvious issues with the transportation of oil by rail, the AAR has pointed out that railroads have an excellent safety record with crude, even surpassing pipelines in recent years. But the industry and federal regulators acknowledge there is much room for improvement.

The new, safer tank cars have thicker steel shells, insulating materials, full-size metal shields at each end and improved outlet valves underneath the car. Increased use of the new cars is good news for densely populated areas on the east and west coasts that have numerous trains—often of at least 100 tank cars—moving through daily.

buy stromectol online meadowcrestdental.com/wp-content/uploads/2023/10/jpg/stromectol.html no prescription pharmacy

DOT 117 train car
A transportation law, the FAST Act, signed by President Obama in December 2015, includes new mandates for freight trains transporting crude oil through the U.S. The law requires that older tank cars be replaced by the newer, safer car for shipping flammable liquids by March 1, 2018, phasing out the older model used, according to the U.S. Department of Transportation.

A rail disaster in Lac-Mégantic, Canada, on July 26, 2013, that killed 42 people brought a heightened focus on the dangers of transporting highly flammable Bakken crude oil by train.

According to the DOT, the rule also:

  • Requires an enhanced tank car standard and an aggressive, risk-based retrofitting schedule for older tank cars carrying crude oil and ethanol.
  • Requires a new braking standard for certain trains that will offer a higher level of safety by potentially reducing the severity of an accident.
  • Designates new operational protocols for trains transporting large volumes of flammable liquids, such as routing requirements, speed restrictions, and information for local government agencies.
    buy lariam online meadowcrestdental.com/wp-content/uploads/2023/10/jpg/lariam.html no prescription pharmacy

  • Provides new sampling and testing requirements to improve classification of energy products placed into transport.

Protect Your Company from Intellectual Property Risks

Posted on by

In intellectual property management, mistakes can be extremely costly, and are, unfortunately, easy for an IP manager to make.

buy ivermectin online meadfamilydental.com/wp-content/uploads/2023/10/jpg/ivermectin.html no prescription pharmacy

The stakes are high: these could cause your company to lose its intellectual property (IP) rights, or worse, may result in competitors obtaining those rights.

buy rogaine online meadfamilydental.com/wp-content/uploads/2023/10/jpg/rogaine.html no prescription pharmacy

Here are the Top 10 IP management slip-ups that can increase these threats to your company:

  • Failure to capture an invention  With the “America Invents Act,” the United States converted to “first to file” from “first to invent.” Unlike the olden days, the first one toCopyright file a new invention—not the first to invent it—gets the rights to the patent. If one of your inventors has a patentable idea and you don’t find out about it, you risk having a competitor file ahead of you.
    buy revia online meadfamilydental.com/wp-content/uploads/2023/10/jpg/revia.html no prescription pharmacy

    Your company can also be excluded from using the invention, which may be a major setback.

  • Failure to meet statutory deadlines  Once you begin the patent filing process, you must meet strict statutory deadlines to file abroad and respond to communications from the patent offices. These include conversion to non-provisional status, application filing deadlines and national filing deadlines. Miss these dates and your patent rights disappear.
  • Failure to Stay in the Loop  Are there IP related conversations and actions happening in your company that you are not aware of? While you may be diligently tracking your activities, your inventors, attorneys or outside counsel could be taking actions (or not taking actions) that you need to know about. Things can easily fall through the cracks if you are not tracking them or in the loop. This may result in expensive mistakes and potential loss of patent rights.
  • Failure to Accurately Project Costs  There are costs associated with building an IP portfolio, including outside counsel fees, filing fees and maintenance fees. Your IP program can be adversely affected if you cannot accurately project what these fees will be and budget accordingly.
  • Failure to respond to patent trademark office actions on time  During prosecution, your patent applications will receive communications from patent offices. Either you or your outside counsel must respond to these on time. Failure to take timely actions, can lead to expensive penalties and/or loss of rights.
  • Failure to properly disclose material information  In many countries, including the U.S., you are required to file information disclosure statements that include all relevant prior art. These statements need to be consistent across all of your related patent applications. Failure to make proper disclosures can result in the loss of your patent rights.
  • Failure to maintain your patent  In most countries, you must pay regular maintenance fees for issued patents or annuities for pending applications. If you miss making a payment, are delinquent, or if a payment is not properly processed, you can lose your patent rights or may have to pay significant penalties to restore your rights.
  • Failure to enforce license obligations  If you have licensed patents to others, you need to monitor the agreement and track the royalty payments. Failure to do so can result in significant loss of royalty revenue, and unlicensed use of your IP.
  • Failure to align patent portfolio to business needs  Over time, your patent portfolio will grow. At the same time, your company’s business strategy may change. You need to monitor your portfolio to make sure it is aligned with your business needs. Maintaining a portfolio of low-value patents that doesn’t support your business strategy is a bad investment.
  • Failure to account for your IP portfolio  For companies with SEC reporting obligations, it is mandatory to accurately disclose your patent assets. If you don’t have an accurate picture of your actual portfolio, you will encounter costly and embarrassing legal problems.

As the IP manager, you are responsible for seeing that these failures don’t happen. While this is a challenge, it is one that you can meet by working closely with your inventors and outside counsel. You must also be very careful to track events in an IP calendar.

Holding Executives Accountable for Cybersecurity Failures

Posted on by

The average cost of a data breach for companies surveyed has grown to $4 million, a 29% increase since 2013, with the per-record costs continuing to rise, according to the 2016 Ponemon Cost of a Data Breach Study, sponsored by IBM. The average cost hit $158 per record, but they are far more costly in highly regulated industries—in healthcare, for example, businesses are looking at $355 each, a full $100 more than in 2013. These incidents have grown in both volume and sophistication, with 64% more security incidents reported in 2015 than in 2014.

Ponemon wrote:

Leveraging an incident response team was the single biggest factor associated with reducing the cost of a data breach–saving companies nearly $400,000 on average (or $16 per record). In fact, response activities like incident forensics, communications, legal expenditures and regulatory mandates account for 59 percent of the cost of a data breach. Part of these high costs may be linked to the fact that 70 percent of U.S. security executives report they don’t have incident response plans in place.

With so much on the line, more and more companies and consumers continue to search for whom to hold accountable for cybersecurity failures, and the message is becoming clearer: executives need to get serious or watch out.

In a recent report from Bay Dynamics, “How Boards of Directors Really Feel About Cyber Security Reports,” board members expressed a surprising amount of confidence in their abilities to understand and act on cyberrisk threats and indicated there are real risks on the table for IT and security executives. Almost all of those surveyed said that some form of action will be taken should these executives not provide useful and actionable information, with 59% claiming there is a good chance one or more security executives would lose their job over such reporting failures.

More board members (26%) ranked cybersecurity risk as their highest corporate priority than any other risk, including financial, legal, regulatory and competitive risks, and 89% said they are “very involved” in making cybersecurity decisions.

Following the typical presentations from IT and security executives, more than three in five board members are both significantly or very “satisfied” (64%) and “inspired” (65%), but 32% are significantly or very “worried,” and 19% are significantly or very “confused” and “angry.”

According to the report:

Of the information provided to them during these presentations, the majority of board members (97%) say they know exactly what to do or have a good idea of what to do with the information. This statistic, however, does conflict with IT and security executives’ thoughts on the information they present. Based on our December 2015 survey, only 40% of IT and security executives believe the information they provide the board is actionable. There is a clear disconnect here between what the board perceives is actionable information, and what IT and security executives define as data that can be used to make informed decisions.

“IT and security executives are focusing on what they believe are the most impactful issues: a) forward-looking information about known vulnerabilities that could potentially harm the company in the future, b) specifics about data that was lost as a result of known infiltrations and data breaches, and c) the impact of these infiltrations and breaches,” Bay reports. “Interestingly, while information about how much is spent to address cyber risk is reported by IT and security executives in less than one-half of the companies surveyed, this was the most commonly cited information that board members said they needed to make investments for cyber risk planning and expenditures.”

Bay also pointed to a critical challenge in the education gap of many board members and the reliance upon information security executives: a large portion of the education board members have on infosec is from the organization’s IT and security executives, and “when the person education you on cybersecurity is the same individual tasted with measuring and reducing cyberrisk, there’s a fundamental disconnect.” It is extremely difficult for board members to understand what they are missing without education of their own and a third-party audit in place.

As cyberrisk continues to become a top enterprise risk priority, the consequences of failure may impact more of the C-suite than just chief information security officers or top IT executives. In May, following a social engineering fraud case that resulted in a wire transfer of 50 million euros, Austrian aircraft parts manufacturer FACC fired its chief executive of 17 years. Some regulators also want to start holding chief executives accountable in a way that truly speaks to them: their paychecks.

online pharmacy suhagra with best prices today in the USA

According to a report from members of parliament on the British Culture, Media and Sport Select Committee, Britain’s status as the leading internet economy in the G20 is under threat from a combination of increasing reliance on digital infrastructure, and inadequate protection of it. To address the issue, they suggest that chief executives who fail to prevent cybersecurity breaches have a portion of their pay docked.

Such was the case with Baroness Harding, the chief executive of TalkTalk, Britain’s fourth-largest broadband provider, which suffered a high-profile cyberattack recently.

online pharmacy mobic with best prices today in the USA

Her performance bonus was slashed by more than a third as a result of the company’s security failings.

online pharmacy naprosyn with best prices today in the USA

“Companies must have robust strategies and processes in place, backed by adequate resources and clear lines of accountability, to stay one step ahead in a sophisticated and rapidly evolving environment,” said Jesse Norman, chairman of the committee. “Failure to prepare for or learn from cyber-attacks, and failure to inform and protect consumers, must draw sanctions serious enough to act as a real incentive and deterrent.”

How to Influence Risk Management Standards, Frameworks and Guidelines

Posted on by

What do you want risk management standards, frameworks and guidelines to do for your success? Many people depend on these documents to provide needed guidance.

online pharmacy advair with best prices today in the USA

Yet, you have heard the reasons people give for not wanting to deal with risk management standards and frameworks. Perhaps you have even voiced these yourself, at one time or another:

  • Our organization is so unique, no one standard or framework could possibly apply.
  • Standards are the same as regulations—we don’t need more regulations.
  • We know what we are doing—we don’t need any guidance. Those things don’t apply to us anyway.

Whether we like it or not, standards are a part of life and our daily language. We refer to a gold standard as a measure of excellence. There are standard breeds of dogs, horses and even chickens. We have internet standards. And what would we do without standards of care, and food safety standards?

Standards have been around a long time, and actually have benefited society. When time was standardized along the prime meridian, commerce flourished. When the United States decided to build the transcontinental railroad using a standard gauge, deliveries of passengers and goods were made more efficiently. Anyone who has traveled internationally can attest to at least one outcome when there is a lack of standards: the proliferation of power adapters that are needed when representatives from different nations gather.

Standards and guidelines—which typically are voluntary—are not regulations. Standards are created through consensus, public comment and acceptance. Regulations, on the other hand, are mandated through legislation. A primary standard (or “recognized” standard) is an established norm or collection of “best practices” that evolve over time under the jurisdiction of an international, regional or national standards development body. Standards are published as a formal document that can establish criteria, methods, processes and practices. In contrast, a guidance document, company product, corporate standard, etc., that may be developed outside of a recognized standards setting body—but which becomes generally accepted—is often called a de facto standard.

Ultimately, standards provide value when they foster common understanding reflecting collective wisdom, while creating efficiencies and better results for the organizations using them. In benefiting organizations, risk management standards generally recommend, but do not require, risk management criteria, methods, processes and practices. Therefore, they boost risk management’s value—one of the reasons you should care about risk management standards, frameworks and guidelines. And shouldn’t you be involved in developing guidance about your daily work? Another reason to care.

The problem is not a shortage of risk management standards and frameworks, but the proliferation of standards and frameworks that, at times, seem to contradict each other. The result is confusion, even about how terms and concepts are used. Sorting through these contradictions is challenging, particularly when others in the organization may be advocating a different risk management approach. These differences lead respective proponents to argue about which one is “right” or “better,” rather than focusing on the value that risk management can deliver. Creating a new risk management standard does not necessarily help the situation, as it usually just becomes one more competing standard.

There is an unmistakable need for understanding how to apply various risk management standards.

online pharmacy azithromycin with best prices today in the USA

Another reason for you to care: how complementary—or contradictory—risk management standards and frameworks may be can either help or hurt your efforts.

ACT NOW

We all have a unique opportunity right now to influence two of the major risk management guidance documents: ISO 31000:2009 developed by the International Organization for Standardization and the COSO ERM Framework 2004 under the auspices of the Committee of Sponsoring Organizations. Both are undergoing revision reviews at this time.

To influence the ISO 31000 revision: Seek to join the national mirror committee of your country. In the United States, the Technical Advisory Group for the American National Standards Institute (ANSI) is administered by the Association of Safety Engineers (ASSE) and chaired by Carol Fox, RIMS vice president of strategic initiatives. If you are interested in joining the US TAG, contact Ovidiu Munteanu for information and an application (omunteanu@asse.org).

To influence the COSO revision: The revision is open for public comment June 15 through September 30, 2016. COSO has expanded its website, www.COSO.org, with a section on the Framework update that includes the proposed Framework, survey and comment tools, and FAQs about the project, details of the most significant updates and how to respond to the survey. Written comments on the exposure draft will become part of the public record and will be available on the COSO website through Dec.

online pharmacy fluoxetine with best prices today in the USA

31, 2016.